package com.woniuxy.config;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.woniuxy.entity.Perms;
import com.woniuxy.mapper.PermMapper;
import com.woniuxy.shiro.*;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.pam.FirstSuccessfulStrategy;
import org.apache.shiro.authz.Authorizer;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.servlet.Filter;
import java.util.*;

@Slf4j
@Configuration
public class ShiroConfig {
    @Autowired
    PermMapper permMapper;

    @Bean
    public DbRealm dbRealm(){
        return new DbRealm();
    }

    @Bean
    public Realm jwtRealm(){
        return new JwtRealm();
    }


    @Bean
    public DefaultWebSecurityManager securityManager(){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        MultiRealmAuthenticator authenticator = new MultiRealmAuthenticator();
        securityManager.setAuthenticator(authenticator);
        authenticator.setAuthenticationStrategy(new FirstSuccessfulStrategy());
        List<Realm> realms = new ArrayList<>();
        realms.add(dbRealm());
        realms.add(jwtRealm());
        securityManager.setRealms(realms);
        securityManager.setAuthorizer(dbRealm());
        return securityManager;
    }

    @Bean
    public JwtFilter jwtFilter(){
        return new JwtFilter();
    }

    @Bean
    public MyPermissionsAuthorizationFilter myPermissionsAuthorizationFilter(){
        return new MyPermissionsAuthorizationFilter();
    }

    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean() throws Exception {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager());

        //增加自定义的过滤器
        Map<String, Filter>filterMap=new HashMap<>();
        filterMap.put("jwt",jwtFilter());
        filterMap.put("perms",myPermissionsAuthorizationFilter());
        shiroFilterFactoryBean.setFilters(filterMap);

        //配置请求的url与过滤器的关系
        Map<String, String> object = getObject();
        shiroFilterFactoryBean.setFilterChainDefinitionMap(object);
        return shiroFilterFactoryBean;
    }

    public Map<String, String> getObject() throws Exception {
        //配置请求的url与过滤器的关系
        Map<String,String> map=new LinkedHashMap<>();
        map.put("auth","anon");
        map.put("/user/userLogin","anon");
        map.put("/user/*","roles[user]");

        //查询所有的权限列表信息
        QueryWrapper<Perms> queryWrapper = new QueryWrapper<>();
        queryWrapper.eq("type","a");
        queryWrapper.eq("status","y");
        permMapper.selectList(queryWrapper).forEach(p->{
            map.put("/"+p.getLink(),"jwt,perms["+p.getCode()+"]");
        });
        map.put("/*","jwt");
        return map;
    }
}
